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SUBJECT:  Audit  Report  on  Year  2000  End-to-End  Testing:  Logistics  Capstone  Plan 
(Report  No.  00-002) 


We  are  providing  this  report  for  review  and  comment.  This  report  is  one  in  a 
series  of  reports  being  issued  by  the  Inspector  General,  DoD,  in  accordance  with  an 
informal  partnership  with  the  DoD  Chief  Information  Officer  to  identify  progress  made 
by  DoD  Components  that  are  preparing  information  and  technology  systems  for  year 
2000  compliance.  We  considered  management  comments  on  a  draft  of  this  report  in 
preparing  the  final  report. 

DoD  Directive  7650.3  requires  that  all  recommendations  be  resolved  promptly, 
and  there  is  special  urgency  regarding  year  2000  conversion  issues.  We  did  not  receive 
comments  from  the  Chief  Information  Officers  for  the  Army  and  the  Navy.  Comments 
from  the  Deputy  Under  Secretary  of  Defense  (Logistics)  and  the  Defense  Logistics 
Agency  were  responsive.  We  request  that  the  Chief  Information  Officers  for  the  Army 
and  the  Navy  provide  comments  on  Recommendation  2.  by  October  18,  1999. 

We  appreciate  the  courtesies  extended  to  the  audit  staff.  Questions  on  the  audit 
should  be  directed  to  Mr.  Tilghman  Schraden  at  (703)  604-9186  (DSN  664-9186) 
(tschraden@dodig.osd.mil)  or  Ms.  Kathryn  Palmer  at  (703)  604-8840  (DSN  664-8840) 
(kpalmer@dodig.osd.mil).  See  Appendix  C  for  the  report  distribution.  The  audit  team 
members  are  listed  inside  the  back  cover. 
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Year  2000  End-to-End  Testing:  Logistics  Capstone  Plan 
Executive  Summary 


Introduction.  This  is  one  in  a  series  of  reports  being  issued  by  the  Inspector  General, 
DoD,  in  accordance  with  an  informal  partnership  with  the  Chief  Information  Officer, 
DoD,  to  monitor  DoD  efforts  to  address  the  year  2000  computing  challenge.  For  a 
complete  listing  of  audit  projects  addressing  the  issue,  see  the  year  2000  web  pages  on 
the  IGnet  at  http://www.ignet.gov. 

The  DoD  Year  2000  Management  Plan  (DoD  Management  Plan),  Appendix  I,  assigns 
responsibility  to  the  Principal  Staff  Assistants  for  “ensuring  the  end-to-end  functional 
process  flows  that  support  their  functional  area  are  assessed  either  in  a  JS/CINC  [Joint 
Staff/Commander  in  Chief]  Y2K  [Year  2000]  Op  Eval  [Operational  Evaluation],  a 
Service-sponsored  System  Integration  Test,  or  through  a  Functional-Area  Y2K  End-to- 
End  Test.”  Appendix  I  also  states  that  the  Principal  Staff  Assistant  responsibilities 
include  “planning,  executing,  and  evaluating  all  mission-critical  systems  not  otherwise 
tested  and  for  ensuring  that  processes  that  fall  within  their  purview  are  evaluated.”  The 
Deputy  Under  Secretary  of  Defense  (Logistics)  (DUSD[L])  acts  on  behalf  of  the  Under 
Secretary  of  Defense  for  Acquisition  and  Technology,  the  Principal  Staff  Assistant  for 
logistics,  in  performing  those  functions  for  the  logistics  functional  area. 

Logistics  functional  end-to-end  testing  was  divided  into  three  phases.  The  first  was 
Level  I,  intra-Component  testing,  and  the  second  was  Level  II,  inter-Component 
testing.  Level  III  testing  was  to  be  conducted  as  required  to  perform  retesting.  The 
DUSD(L)  provided  oversight  for  Level  II  testing  while  delegating  responsibility  for 
execution  of  the  Level  I  testing  to  the  Components.  Level  II  testing  began  on  May  25, 
1999,  and  was  completed  on  July  14,  1999.  In  a  working  draft  report,  “Logistics  Year 
2000  End-to-End  Level  II  Exercise  Evaluation  Report,”  September  1999,  the  Joint 
Interoperability  Test  Command  concluded  that  the  mission-critical  logistics  processes 
will  continue  unaffected  by  year  2000-related  issues  and  that  the  logistics  automated 
information  systems  will  operate  as  a  whole  to  support  the  five  mission-critical  logistics 
processes  included  in  Level  II  testing.  DUSD(L)  representatives  stated  that  Level  III 
testing  would  not  be  required  because  of  the  successful  demonstration  of  year  2000 
capabilities  by  the  logistics  systems  participating  in  the  test  of  the  five  mission-critical 
logistics  processes. 

Objectives.  The  audit  objective  was  to  evaluate  the  effectiveness  of  the  year  2000 
end-to-end  tests  planned  for  the  logistics  functional  area.  This  report,  the  first  in  a 
series  on  logistics  end-to-end  testing,  focuses  on  the  overall  end-to-end  test  planning 
accomplished  by  the  DUSD(L).  Subsequent  reports  will  address  Component  test 
planning  and  test  results. 

Results.  The  end-to-end  test  planning  for  the  inter-Component  mission-critical  logistics 
processes  generally  met  the  requirements  outlined  in  the  DoD  Management  Plan.  In 
response  to  the  practical  limitations  imposed  by  resource  constraints  and  calendar  time 
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remaining,  the  DUSD(L),  in  conjunction  with  the  Logistics  Year  2000  Interface 
Assessment  Working  Group,  prioritized  the  logistics  processes  and  data  flows  that  were 
included  in  testing  based  on  their  criticality  to  the  warfighter.  Out  of  15  core  logistics 
processes,  5  were  identified  as  critical.  The  testing  of  logistics  systems  supporting  the 
5  mission-critical  processes  was  limited  to  371  mission-critical  systems  out  of  the  149^ 
listed  in  the  DoD  Year  2000  Reporting  Database.  However,  the  DUSD(L)  did  not 
formally  document  the  risk  assessment  process  that  was  required  to  be  conducted  as 
part  of  identifying  and  prioritizing  the  core  logistics  processes.  Additionally,  the 
DUSD(L)  did  not  systematically  monitor  the  content  of  the  commander  in  chief 
operational  evaluations  or  Service  integration  tests  to  ensure  that  any  systems  or 
processes  not  covered  were  identified  and  included  in  the  logistics  functional  end-to-end 
tests.  Although  the  DUSD(L)  proposed  an  additional  risk  mitigation  step,  the  Chief 
Information  Officers  of  the  Components,  except  for  the  Air  Force,  had  not  agreed  to 
perform  the  verification  and  validation  of  100  percent  of  mission-critical  code.  As  a 
result,  more  needs  to  be  done  to  enable  the  DUSD(L)  to  perform  an  overall  assessment 
of  the  logistics  functional  area’s  year  2000  readiness  and  the  Chief  Information  Officers 
of  the  Components  need  to  support  the  DUSD(L)  efforts  to  ensure  that  critical  logistics 
systems  will  operate  in  a  year  2000  environment.  See  the  Finding  section  for  details. 

Summary  of  Recommendations.  We  recommend  that  the  DUSD(L)  develop  a  risk 
management  plan  that  includes  a  risk  assessment  and  mitigation  plan  for  all  logistics 
processes  and  their  mission-critical  systems,  with  emphasis  on  risks  associated  with  the 
selection  of  the  five  mission-critical  processes.  We  also  recommend  that  the  Chief 
Information  Officers  of  the  Army,  the  Navy,  and  the  Defense  Logistics  Agency  (DLA) 
implement  the  DUSD(L)  requirement  to  perform  an  independent  verification  and 
validation  of  100  percent  of  the  software  code  that  impacts  the  mission-critical  logistics 
processes. 

Management  Comments.  The  DUSD(L)  concurred,  stating  that  a  risk  assessment  had 
not  been  completed.  Mitigation  actions  that  result  from  the  assessment  will  be  worked 
within  the  Logistics  Year  2000  Interface  Assessment  Working  Group.  Although  not 
required  to  respond,  the  DUSD(L)  also  agreed  with  the  recommendation  for  the  Army, 
the  Navy,  and  DLA  to  perform  code  scanning,  stating  that  all  mission-critical  logistics 
software  should  be  reviewed  using  advanced  automated  tools.  The  Army  and  the  Navy 
did  not  provide  comments  on  that  recommendation.  DLA  partially  concurred,  stating 
that  it  had  undertaken  a  code  scanning  program  for  its  mission-critical  logistics  systems 
and  had  put  budgetary  and  administrative  provisions  in  place  to  scan  its  mission-critical 
systems.  A  discussion  of  management  comments  is  in  the  Finding  section  of  the  report, 
and  the  complete  text  is  in  the  Management  Comments  section. 

Audit  Response.  DUSD(L)  and  DLA  comments  were  responsive.  We  request  that  the 
Army  and  the  Navy  provide  comments  on  the  final  report  by  October  18,  1999. 


'According  to  information  provided  by  the  participating  Components  since  the  issuance  of  the  draft 
report,  a  total  of  31  mission-critical  logistics  systems  were  tested  during  Level  II  testing. 

JSince  the  issuance  of  the  draft  report,  the  Air  Force  dropped  a  total  of  3  systems  from  the  DoD  Year 
2000  Reporting  Database  and  DLA  changed  the  functional  area  code  of  1  mission-critical  system  from 
environmental  security  to  logistics,  which  resulted  in  a  new  total  of  147  mission-critical  logistics 
systems  as  of  September  22,  1999. 
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Background 

Executive  Order.  Because  of  the  potential  failure  of  computers  to  function 
throughout  the  Government,  the  President  issued  Executive  Order  13073,  “Year 
2000  Conversion,”  February  4,  1998,  making  it  policy  that  Federal  agencies 
ensure  that  no  critical  Federal  program  experiences  disruption  because  of  the 
year  2000  (Y2K)  problem.  The  order  requires  that  the  head  of  each  agency 
ensure  that  efforts  to  address  the  Y2K  problem  receive  the  highest  priority 
attention  in  the  agency. 

Public  Law.  Public  Law  105-261,  “National  Defense  Authorization  Act  for 
Fiscal  Year  1999,”  October  17,  1998,  Section  334(b),  directs  that  the  Secretary 
of  Defense  ensure  that  “all  mission-critical  systems  that  are  expected  to  be  used 
if  the  Armed  Forces  are  involved  in  a  conflict  in  a. major  theater  of  war  are 
tested  in  at  least  two  exercises.”  In  addition,  Section  334(d)  states: 

“Alternative  Testing  Method.  In  the  case  of  an  information  technology  or 
national  security  system  for  which  a  simulated  year  2000  test  as  part  of  a 
military  exercise  described  in  subsection  (c)  is  not  feasible  or  presents  undue 
risk,  the  Secretary  of  Defense  shall  test  the  system  using  a  functional  end-to-end 
test  or  through  a  Defense  Major  Range  and  Test  Facility  Base.” 

DoD  Year  2000  Management  Strategy.  In  his  role  as  the  DoD  Chief 
Information  Officer,  the  Senior  Civilian  Official,  Office  of  the  Assistant 
Secretary  of  Defense  (Command,  Control,  Communications,  and  Intelligence), 
issued  the  “DoD  Year  2000  Management  Plan,  Version  2.0”  (DoD 
Management  Plan)  in  December  1998.  The  DoD  Management  Plan  required 
DoD  Components  to  implement  a  five-phase  (awareness,  assessment, 
renovation,  validation,  and  implementation)  Y2K  management  process  to  be 
completed  by  December  31,  1998,  for  mission-critical  systems. 

The  DoD  Management  Plan  also  provides  guidance  for  implementing  the 
Deputy  Secretary  of  Defense  memorandum,  “Year  2000  (Y2K)  Verification  of 
National  Security  Capabilities,”  August  24,  1998,  that  requires  that  each 
Principal  Staff  Assistant  (PSA)  of  the  Office  of  the  Secretary  of  Defense  “verify 
that  all  functions  under  his  or  her  purview  will  continue  unaffected  by  Y2K 
issues.”  That  verification  was  to  be  performed  after  completion  of  the  five- 
phase  management  approach  that  culminated  with  completion  of  the 
implementation  phase,  December  31,  1998.  That  further  testing,  to  be 
conducted  during  the  first  half  of  1999,  was  planned  and  conducted  from  a 
mission  perspective  rather  than  a  system  perspective  and  would  increase  the 
confidence  that  any  errors  or  omissions  in  system  remediation  would  be  found. 
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Objectives 


The  audit  objective  was  to  evaluate  the  effectiveness  of  the  Y2K  end-to-end  tests 
planned  for  the  logistics  functional  area.  This  report,  the  first  in  a  series  on 
logistics  end-to-end  testing,  focuses  on  the  overall  end-to-end  test  planning 
accomplished  by  the  Deputy  Under  Secretary  of  Defense  (Logistics) 

(DUSD[L]).  Subsequent  reports  will  address  Component  test  planning  and  test 
results.  See  Appendix  A  for  a  discussion  of  the  audit  scope  and  methodology 
and  a  summary  of  prior  coverage. 
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Planning  for  Logistics  Functional 
End-to-End  Testing 

The  end-to-end  test  planning  for  the  inter-Component  mission-critical 
logistics  processes  generally  met  the  requirements  outlined  in  the  DoD 
Management  Plan.  In  response  to  the  practical  limitations  imposed  by 
resource  constraints  and  calendar  time  remaining,  the  DUSD(L),  in 
conjunction  with  the  Logistics  Y2K  Interface  Assessment  Working 
Group,  prioritized  the  logistics  processes  and  data  flows  that  were 
included  in  testing  based  on  their  criticality  to  the  warfighter.  Out  of  15 
core  logistics  processes,  5  were  identified  as  critical.  The  inter- 
Component  testing  of  logistics  systems  supporting  the  5  mission-critical 
processes  was  limited  to  371  mission-critical  systems  out  of  the  149* 
listed  in  the  DoD  Y2K  Reporting  Database.  However,  the  DUSD(L)  did 
not  formally  document  the  risk  assessment  process  that  was  required  to 
be  conducted  as  part  of  identifying  and  prioritizing  the  core  logistics 
processes.  Additionally,  the  DUSD(L)  did  not  systematically  monitor 
the  content  of  the  commander  in  chief  operational  evaluations  or  Service 
integration  tests  to  ensure  that  any  systems  or  processes  not  covered 
were  identified  and  included  in  the  logistics  functional  end-to-end  tests. 
Although  the  DUSD(L)  proposed  an  additional  risk  mitigation  step,  the 
Chief  Information  Officers  of  the  Components,  except  for  the  Air  Force, 
had  not  agreed  to  perform  the  verification  and  validation  of  100  percent 
of  mission-critical  code.  As  a  result,  more  needs  to  be  done  to  enable 
the  DUSD(L)  to  perform  an  overall  assessment  of  the  logistics  functional 
area’s  Y2K  readiness  and  the  Chief  Information  Officers  of  the 
Components  need  to  support  the  DUSD(L)  efforts  to  ensure  that  critical 
logistics  systems  will  operate  in  a  Y2K  environment. 


DoD  Guidance 

The  DoD  Management  Plan,  Appendix  I,  assigns  responsibility  to  the  PSAs  for 
‘ensuring  the  end-to-end  functional  process  flows  that  support  their  functional 
area  are  assessed  either  in  a  JS/CINC  [Joint  Staff/Commander  in  Chief]  Y2K 
Op  Eval  [Operational  Evaluation],  a  Service-sponsored  System  Integration  Test, 
or  through  a  Functional-Area  Y2K  End-to-End  Test.”  Appendix  I  also  states 


‘According  to  information  provided  by  the  participating  Components  since  the  issuance  of  the  draft 
report,  a  total  of  31  mission-critical  logistics  systems  were  tested  during  Level  II  testing.  The  count 
used  in  this  report  was  based  on  planning  documents  showing  the  testing  of  five  Navy  systems  that  were 
not  actually  included  during  Level  II,  and  the  inclusion  of  one  Air  Force  communications  system  on  the 
list  of  logistics  systems. 

2Since  the  issuance  of  the  draft  report,  the  Air  Force  dropped  a  total  of  3  systems  from  the  DoD  Y2K 
Reporting  Database  and  the  Defense  Logistics  Agency  changed  the  functional  area  code  of  1  mission- 
critical  system  from  environmental  security  to  logistics,  which  resulted  in  a  total  of  147  mission-critical 
logistics  systems  as  of  September  22,1999. 


3 


that  the  PSAs’  responsibilities  include  “planning,  executing,  and  evaluating  all 
mission-critical  systems  not  otherwise  tested  and  for  ensuring  that  processes  that 
fall  within  their  purview  are  evaluated.”  The  DUSD(L)  acts  on  behalf  of  the 
PSA  for  logistics3 4  in  performing  those  functions  for  the  logistics  functional  area. 
This  report  refers  to  actions  taken  by  the  DUSD(L)  in  that  role. 


End-to-End  Test  Planning 

The  DUSD(L)  implemented  and  executed  key  components  of  the  DoD 
Management  Plan  in  his  efforts  to  adequately  plan  for  and  manage  logistics 
functional  end-to-end  testing.  Test  planning  was  accomplished  through  the 
“Logistics  Capstone  Operational  Assessment  Plan  for  Year  2000”  (Logistics 
Capstone  Plan),  dated  October  30,  1998/  The  Logistics  Capstone  Plan 
provided  the  overall  strategy  for  conduct  of  the  logistics  end-to-end  testing  and 
was  coordinated  with  the  Services,  the  Defense  Logistics  Agency  (DLA),  the 
Joint  Interoperability  Test  Command,  and  the  Joint  Staff.  The  October  1998 
Logistics  Capstone  Plan  was  updated  in  February  1999  and  again  in  May  1999 
to  reflect  evolving  schedules  and  processes.  Its  name  was  changed  to  “Logistics 
Capstone  Plan  for  Year  2000  End-to-End  Test”  as  part  of  the  February  update. 

In  this  report,  unless  otherwise  noted,  Logistics  Capstone  Plan  refers  to  die 
May  20,  1999,  version.  For  a  summary  of  the  Logistics  Capstone  Plan,  see 
Appendix  B. 

The  overall  strategy  presented  in  the  Logistics  Capstone  Plan  was  augmented 
with  Component  plans  from  the  Army,  the  Navy,  the  Air  Force,  the  Marine 
Corps,  and  DLA.  Those  Component  plans  were  included  as  appendixes  to  the 
Logistics  Capstone  Plan.  (The  planning  accomplished  by  the  Components  will 
be  addressed  in  separate  reports.)  Detailed  planning  necessary  to  execute  the 
testing  called  for  in  the  Logistics  Capstone  Plan  was  accomplished  by  an 
exercise  directive  and  event  plans.  The  key  components  of  the  logistics  end-to- 
end  test  strategy  are  as  follows. 

Test  Approach.  The  Logistics  Capstone  Plan  defines  three  levels  of  testing  and 
delegates  responsibility  for  each.  The  multilevel  test  approach  consisted  of 
intra-Component  events  (Level  I),  inter-Component  events  (Level  II),  and  post¬ 
test  activities  that  include  retest  (Level  III).  Level  I  test  events  were  designed  to 
ensure  processes  and  systems  within  a  Component’s  organizational  boundaries 
are  Y2K  ready.  Level  II  testing  was  to  verify  mission-critical  processes  and 
information  flows  that  involve  more  than  a  single  Component  are  Y2K  ready. 
The  execution  and  oversight  of  the  Level  I  testing  was  delegated  to  the 
Components  while  DUSD(L)  focused  on  Level  II  testing  and  post-test  events, 
such  as  retest,  during  Level  III.  The  DUSD(L)  required  that  the  Components 
obtain  an  independent  verification  and  validation  of  Level  I  testing.  Independent 


3The  Under  Secretary  of  Defense  for  Acquisition  and  Technology  is  the  PSA  for  logistics. 

4The  October  30,  1998,  Logistics  Capstone  Plan  was  approved  by  the  Deputy  Secretary  of  Defense  in 
November  1998. 


4 


verification  and  validation  of  Level  II  testing  was  achieved  through  the  use  of 
the  Joint  Interoperability  Test  Command  for  test  planning,  execution,  and 
reporting. 

Core  Processes.  In  conjunction  with  the  Logistics  Y2K  Interface  Assessment 
Working  Group5  (Logistics  IAWG),  the  DUSD(L)  identified  8  out  of  15  core 
supply  and  materiel  management  processes  as  mission-critical.  The  Logistics 
Capstone  Plan  defines  those  mission-critical  processes  as  being  “so  dependent 
on  automation,  that  within  hours  or  days  of  an  automation  system  being  needed 
and  not  available,  a  warfighting  mission  is  impaired.  ”  DUSD(L)  representatives 
explained  that,  as  a  general  rule,  the  time  period  was  set  at  72  hours.  Those 
15  core  processes,  including  the  8  processes  considered  to  be  mission-critical, 
were  listed  in  Appendix  B  of  the  October  1998  Logistics  Capstone  Plan  and  are 
shown  in  the  following  table.  Those  eight  mission-critical  processes  were 
further  evaluated  by  the  Logistics  IAWG  with  the  result  that  five  mission-critical 
logistics  processes  were  determined  to  be  required  to  support  the  warfighter. 
Those  five  processes  were  included  in  Level  II  testing.  The  following  table  lists 
the  core  logistics  processes,  showing  which  were  determined  to  be  mission- 
critical  and  which  were  determined  to  be  required  to  support  the  warfighter. 


The  Logistics  IAWG  membership  was  composed  of  DoD  Component  representatives  and  was  chaired  by 
the  Director,  Logistics  Systems  Modernization. 
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Mission  Criticality  of  Core  Logistics  Processes 


Logistics  Process 

Mission 

Critical 

Required  by 
Warfighter 

MILSTRIP1  Requisition  Cycle 

Yes 

Yes 

MILSTRIP  Foreign  Military  Sales  Requisition  Cycle 

Yes 

No 

MILSTRIP  Lateral  Distribution  Process 

Yes 

No 

MILSTRIP  Materiel  Returns  Program 

No 

No 

MILSTRIP  Materiel  Obligation  Validation  Cycle 

No 

No 

MILSTRAP2  Receipt  Processing 

Yes 

Yes 

MILSTRAP  Physical  Inventory  Control  Program 

Yes 

Yes 

MILSTRAP  Logistics  Reassignment  Process 

No 

No 

MILSTRAP  Asset  Status  Reporting 

Yes 

Yes 

MILSTRAP  Small  Arms  Serial  Number  Registration 
and  Reporting 

No 

No 

MILSTRAP  Special  Program  Requirements, 

Logistics  Asset  Support  Estimate,  and  War 

Materiel  Requirements  Reporting 

Yes 

No 

MILSTAMP3  Shipment  Process 

Yes 

Yes 

MILSTAMP  Transportation  Billing  Process 

No 

No 

MILSCAP4  Contract  Administration  Process 

No 

No 

MILSBILLS5  Billing,  Interfund  Reimbursement,  and 
Adjustment  Process 

No 

No 

'Military  Standard  Requisitioning  and  Issue  Procedures. 

^Military  Standard  Transactions  Reporting  and  Accounting  Procedures. 

3Military  Standard  Transportation  and  Movement  Procedures. 

^Military  Standard  Contract  Administration  Procedures. 

^Military  Standard  Billing  System. 

Systems  Supporting  Warfighters.  Thirty-seven  mission-critical  logistics 
systems  were  to  be  included  in  the  Level  II  logistics  end-to-end  testing.  Those 
systems  were  identified  for  inclusion  in  the  testing  because  they  provided  critical 
functionality  required  to  accomplish  a  portion  of  one  of  the  five  mission-critical 
logistics  processes.  The  37  logistics  systems  were  composed  of  8  Army 
systems;  12  Navy  systems;  5  Air  Force  systems;  6  Marine  Corps  systems;  and 
6  DLA  systems/  A  total  of  149  logistics  systems  were  identified  as 


6The  count  of  Navy  systems  actually  included  in  Level  II  testing  changed  from  12  to  7  as  a  result  of 
verification  of  the  Navy  data  on  mission-critical  systems.  The  count  of  Air  Force  systems  tested 
included  four  logistics  systems  and  one  communications  system. 
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mission-critical  in  the  DoD  Y2K  Reporting  Database.  The  DoD  Y2K  Reporting 
Database,  maintained  by  the  Assistant  Secretary  of  Defense  (Command, 

Control,  Communications,  and  Intelligence),  provides  a  listing  of  DoD  mission- 
critical  systems  and  their  Y2K  status. 

Maintenance  and  Transportation.  Maintenance  and  transportation  functions 
will  be  included  in  the  DUSD(L)  overall  assessment  of  the  logistics  functional 
area’s  Y2K  readiness  although  processes  from  the  maintenance  and 
transportation  functions  were  not  included  in  the  logistics  end-to-end  testing. 
Maintenance  and  transportation  were  acknowledged  as  core  logistics  processes 
in  the  October  1998  and  May  1999  versions  of  the  Logistics  Capstone  Plan. 

The  Logistics  Capstone  Plan  states  that  “it  is  assumed  that  cross-Component 
mission  critical  interfaces  between  maintenance  activities  are  generally  made 
through  supply  channels.”  As  a  result,  the  Logistics  Capstone  Plan  delegated 
the  testing  of  maintenance  end-to-end  process  flows  to  the  Components  and  did 
not  further  define  maintenance  processes.  The  Logistics  Capstone  Plan 
delegated  the  testing  of  transportation  end-to-end  process  flows  to  the  U.S. 
Transportation  Command  and  the  Services. 

Although  the  Commander  in  Chief,  U.S.  Transportation  Command,  was 
responsible  for  testing  the  key  end-to-end  strategic  transportation  process  flows 
during  operational  evaluations  planned  with  the  U.S.  Central  Command, 
strategic  transportation  processes  were  described  in  some  detail  in  the  Logistics 
Capstone  Plan.  Those  strategic  processes  included: 

•  determining  transportation  infrastructure  and  processes; 

•  conducting  deployment  and  redeployment; 

•  coordinating  global  strategic  fueling; 

•  providing  global  patient  movement  aeromedical  evacuation; 

•  disseminating  and  integrating  national  and  strategic  intelligence  in 
support  of  the  Defense  Transportation  System;  and 

•  providing  strategic  direction  and  integration  in  support  of  the  Defense 
Transportation  System. 

The  responsibility  for  testing  end-to-end  Service-unique  and  theater-assigned 
transportation  process  flows  was  assigned  to  the  Services.  Processes  to  be 
included  were: 

•  determining  transportation  requirements; 

•  providing  and  sustaining  transportation  operations;  and 

•  exercising  command  and  control  of  transportation  operations. 
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Results  from  the  operational  evaluations  were  reported  to  the  DUSD(L)  through 
the  Chairman,  Joint  Chiefs  of  Staff,  reporting  chain.  In  preparing  the  overall 
assessment  of  logistics  Y2K  readiness,  the  DUSD(L)  was  to  reflect  the  results  of 
those  operational  evaluations. 

Test  Limitations.  The  Logistics  Capstone  Plan  acknowledged  the  practical 
limitations  of  resource  constraints  and  calendar  time  remaining  for  planning  the 
fiinctional  end-to-end  testing.  The  prioritization  scheme  for  determining  which 
processes  and  systems  were  to  be  tested  was  based  on  the  application  of  the 
definition  of  mission-critical  developed  by  the  DUSD(L)  and  the  Logistics 
IAWG.  Additional  limitations  that  impacted  the  robustness  of  testing  included 
the  following  areas. 

Processes  and  System  Interactions.  All  logistics  processes  and 
mission-critical  system  interactions  could  not  be  tested  within  the  calendar  time 
available.  Thin  lines  of  systems,  the  minimum  essential  automated  information 
required  to  support  the  mission-critical  processes,  were  selected  by  the  Logistics 
IAWG. 


Information  Flows.  All  information  flows  within  the  thin  lines  of 
systems  could  not  be  tested.  The  Logistics  IAWG  selected  supply  transactions 
for  electronics  items  represented  by  176  national  stock  numbers  for  the  Level  II 
end-to-end  testing. 

Commodities.  Not  all  DLA  commodity  groups  could  be  tested  because 
of  limited  calendar  time  and  availability  of  test  environments.  Specifically,  out 
of  six  DLA  commodity  groups  managed  by  the  Standard  Automated  Materiel 
Management  System,  one  (electronics)  was  included  in  the  inter-Component 
Level  II  testing.  Commodities  not  included  in  the  testing  were  clothing  and 
textiles,  construction,  industrial,  medical,  and  general  supplies. 

Date  Crossings.  Level  II  testing  included  date  crossings  for  fiscal  year 
2000,  calendar  year  2000,  and  February  29,  2000.  Fiscal  year  and  calendar 
year  2001  were  not  included. 

Test  Environment.  The  test  environment  was  not  the  same  as  the 
production  environment7  for  all  systems  included  in  the  testing  because  of 
limitations  on  the  availability  of  test  environments. 

Operational  Mode.  The  operational  tempo  simulated  during  testing  was 
not  representative  of  the  transaction  load  on  the  participating  systems  or  their 
supporting  infrastructure  that  could  be  expected  during  a  major  theater  war; 
other  military  action,  such  as  a  peacekeeping  mission;  or  day-to-day  transactions 
during  peacetime. 

Contingency  Plans.  Contingency  plans  for  all  mission-critical  systems 
participating  in  the  logistics  end-to-end  testing  were  not  exercised  by  June  30, 
1999,  as  required  by  the  DoD  Management  Plan.  The  DoD  Management  Plan, 

7 A  production  environment  is  the  environment  in  which  a  software  application  operates  on  a  day-to-day 
basis. 
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Appendix  H,  requires  two  types  of  contingency  plans  that  address  potential  Y2K 
disruptions:  system  and  operational.  The  system  contingency  plan  is  to  focus 
on  procedures  necessary  to  restore  a  system  if  disruptions  occur.  The 
operational  contingency  plan  is  to  detail  the  procedures  by  which  the  mission  or 
functions  supported  by  a  system  will  be  continued  during  any  disruption. 

System  contingency  plans  were  to  have  been  developed  by  December  30,  1998, 
in  support  of  the  system  Y2K  certification  that  was  required  by  December  31, 

1998.  Operational  contingency  plans  were  to  have  been  completed  by 
March  31,  1999.  Both  types  of  plans  were  to  have  been  exercised  by  June  30, 

1999. 

The  Logistics  Capstone  Plan  provides  guidance  on  three  types  of  contingency 
plans.  The  titles  of  those  plans  do  not  match  the  terminology  used  in  the  DoD 
Management  Plan.  The  three  types  of  plans  were  contingency  plans;  site  and 
system  continuity  of  operations  plans;  and  logistics  continuity  of  operations 
plans.  The  Logistics  Capstone  Plan  requires  that  “all  thin-line  systems 
supporting  the  identified  mission  critical  functions  must  have  an  effective 
contingency  plan.”  Although  the  DoD  Management  Plan  established  a  target 
completion  date  of  June  30,  1999,  for  completion  of  testing  of  both  system  and 
operational  plans,  the  Logistics  Capstone  Plan  set  a  target  date  of  September  1, 
1999,  for  testing  the  individual  contingency  plans.  According  to  DUSD(L) 
representatives,  the  Services  did  not  meet  the  DoD  Management  Plan  milestone 
of  June  30,  1999,  for  exercising  system  and  operational  contingency  plans  for 
those  mission-critical  systems  involved  in  the  end-to-end  tests.  However,  the 
contingency  plans  were  expected  to  be  exercised  by  the  September  1,  1999,  date 
listed  in  the  Logistics  Capstone  Plan.  As  of  September  22,  1999,  the  system 
and  operational  contingency  plans  for  all  the  mission-critical  systems  had  not 
been  exercised. 

In  addition,  the  Logistics  Capstone  Plan  tasks  Components  to  conduct  an 
analysis  of  the  impact  on  mission-critical  processes  of  the  failure  of  information 
systems  or  the  disruption  of  infrastructure  services,  such  as  electric  power  and 
telecommunications,  and  to  document  that  analysis  in  system  continuity  of 
operations  plans.  The  Logistics  Capstone  Plan  required  Components  to  submit 
continuity  of  operations  plans  for  review  by  June  15,  1999,  or  to  be  prepared  to 
exercise  them  before  December  1,  1999.  The  Logistics  Capstone  Plan  also 
addresses  the  Logistics  Continuity  of  Operations  Plan  (LCOP),  which  focuses 
on  identifying  and  managing  Y2K  risks  to  core  missions  and  operations.  The 
Logistics  Capstone  Plan  calls  for  the  LCOP  to  be  developed  by  the  DUSD(L)  by 
September  15,  1999. 

Risk  Assessments.  The  DUSD(L)  did  not  document  the  risk  assessment 
performed  during  the  process  of  prioritizing  logistics  processes  for  inclusion  in 
end-to-end  testing  as  required  by  the  DoD  Management  Plan.  The  DoD 
Management  Plan  states  that  the  Y2K  event  master  planning  sessions  were  to 
identify  and  prioritize  core  processes  and  perform  risk  assessments.  The 
Logistics  Capstone  Plan  contains  a  section  on  corporate-level  risks.  The 
Logistics  Capstone  Plan  states  that  “Corporate  Level  risks  fall  into  four  general 


8The  requirement  for  a  system  contingency  plan  may  be  met  by  existing  contingency  plans  or  disaster 
recovery  plans  if  those  plans  have  been  updated  to  include  Y2K  disruptions. 
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categories— Scope  [of  testing].  Test  environment,  Schedule  and  Cost.”  The 
Logistics  Capstone  Plan  also  assigns  those  categories  a  risk  rating  of  high, 
medium,  or  low,  based  on  probability  of  occurrence  and  consequences  of 
occurrence,  and  lists  the  mitigation  for  a  particular  risk.  The  Logistics 
Capstone  Plan  states  that  the  discussion  of  corporate-level  risks  is  an  initial  risk 
assessment.  In  addition,  the  Logistics  Capstone  Plan  states  that  a  complete  risk 
mitigation  plan  will  be  incorporated  in  the  risk  management  plan.  DUSD(L) 
representatives  indicated  that  a  risk  management  plan  had  not  been  completed  as 
of  July  8,  1999,  but  that  the  DUSD(L)  planned  to  complete  an  overall  risk 
management  plan  in  the  September  1999  time  frame.  As  of  September  22, 

1999,  the  risk  management  plan  had  not  been  completed.  However,  the 
DUSD(L)  had  reconvened  the  Logistics  IAWG  for  the  purpose  of  working  on 
the  risk  management  plan,  and  it  is  expected  to  be  completed  in  early  November 
1999.  The  DoD  Management  Plan  does  not  have  a  date  for  completion  of  risk 
assessments.  The  risk  management  plan  will  incoiporate  any  risks  identified 
during  the  end-to-end  testing,  as  well  as  any  risks  identified  as  a  result  of 
exercising  the  remaining  contingency  plans. 

In  addition,  the  DoD  Management  Plan  requires  that  “risk  assessment  must  be 
>erformed  as  part  of  the  selection  of  appropriate  systems  for  inclusion  in  the 
test]  event.”  However,  the  DUSD(L)  could  not  provide  formal  documentation 
■or  the  risk  assessment  process  that  resulted  in  the  initial  selection  of  eight  core 
ogistics  processes  as  mission-critical  or  the  further  refinement  of  that 
assessment  that  resulted  in  the  final  selection  of  five  core  logistics  processes  to 
be  included  in  testing.  The  Logistics  Capstone  Plan  states  that  the  critical 
processes  and  systems  to  be  included  in  testing  were  selected  based  on  the 
application  of  the  principle  of  immediate  degradation  of  warfighting  capabilities 
that  was  described  earlier  in  this  report  (in  the  core  processes  paragraph).  In 
addition,  the  DUSD(L)  did  not  have  documentation  that  addressed  risks  or  the 
mitigation  of  risks  associated  with  the  logistics  missions  performed  by  the  10 
core  logistics  processes  that  were  not  included  in  the  functional  end-to-end 
testing.  Further,  there  was  no  risk  assessment  documentation  addressing 
increased  risk  from  the  Services’  delay  in  completing  required  exercising  of 
system  and  operational  contingency  plans.  We  believe  that  any  risk 
management  plan  for  the  logistics  functional  area  must  contain  an  assessment 
and  mitigation  strategy  for  those  logistics  processes  that  were  excluded  from 
end-to-end  testing,  as  well  as  those  that  were  included,  in  order  to  provide  a 
level  of  confidence  that  all  functions  and  missions  will  demonstrate  operational 
readiness  in  the  year  2000. 

Other  Testing.  The  DUSD(L)  did  not  systematically  monitor  the  content  of  the 
commander  in  chief  operational  evaluations,  Service  integration  tests,  or  Level  I 
logistics  end-to-end  testing.  A  primary  responsibility  delegated  to  the  PSAs  by 
the  DoD  Management  Plan  was  to  ensure  that  the  end-to-end  functional  process 
flows  that  support  their  functional  areas  are  assessed  in  commander  in  chief 
operational  evaluations,  Service  integration  testing,  or  functional  end-to-end 
testing.  Further,  the  PSA  was  responsible  for  identifying  mission-critical 
systems  and  processes  that  were  not  covered  by  commander  in  chief  operational 
evaluations  or  Service  integration  tests  and  ensuring  that  those  systems  and 
processes  were  included  in  functional  end-to-end  testing.  As  previously 
discussed,  those  transportation  processes  to  be  tested  by  the  Commander  in 
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Chief,  U.S.  Transportation  Command,  and  the  Services  are  identified  in  the 
Logistics  Capstone  Plan  with  provisions  for  including  the  results  of  that  testing 
in  the  DUSD(L)  overall  assessment  of  the  Y2K  readiness  of  the  logistics 
functional  area.  However,  logistics  process  flows  and  systems  that  were  to  be 
tested  in  a  commander  in  chief  operational  evaluation  or  by  the  Components 
during  Service  integration  testing  were  not  identified  in  the  planning  or  working- 
level  Logistics  IAWG  documents.  DUSD(L)  representatives  reported  that  the 
DUSD(L)  was  not  tracking  the  content  of  the  Service  integration  tests  and  did 
not  have  a  complete  list  of  systems  or  processes  participating  in  Level  I  (intra- 
Component)  testing.  DUSD(L)  personnel  stated  that  visibility  of  the  coverage 
of  those  tests  was  provided  by  Component  participation  in  the  Logistics  IAWG. 
We  believe  that  the  lack  of  systematic  monitoring  of  the  content  of  commander 
in  chief  operational  evaluations.  Service  integration  testing,  and  Level  I  testing 
may  result  in  unnecessary  risk  that  the  required  end-to-end  testing  may  not  have 
been  done  for  all  critical  logistics  systems  and  processes. 

Additional  Measure  to  Mitigate  Risk.  The  DUSD(L)  proposed  an  additional 
risk  mitigation  step  beyond  the  end-to-end  testing  of  mission-critical  logistics 
processes  that  should  further  ensure  that  critical  logistics  processes  will  function 
in  the  year  2000.  In  order  to  make  an  assessment  of  potential  errors  introduced 
as  a  result  of  Y2K  renovation  efforts,  the  DUSD(L)  proposed  that  the 
Components  take  an  additional  risk  mitigation  step  requiring  verification  of 
100  percent  of  the  software  code  for  mission-critical  systems.  Specifically, 
Components  would  be  required  to  provide  a  certification  to  the  DUSD(L)  that 
an  independent  verification  and  validation,  using  advanced  automated  tools,  was 
conducted  on  100  percent  of  the  code  that  impacts  mission-critical  processes. 

The  Air  Force  is  to  be  commended  for  taking  action  to  implement  automated 
code  scanning  for  all  Air  Force  mission-critical  systems,  not  just  logistics 
systems.  However,  a  DUSD(L)  representative  reported  that  at  least  one  Chief 
Information  Officer  does  not  plan  on  complying  with  the  DUSD(L)  requirement. 
Because  of  the  complexity  of  testing  in  the  joint  environment  and  the  thin  lines 
of  functionality  tested  during  the  logistics  end-to-end  tests,  we  believe  that  the 
additional  step  to  apply  state-of-the-art  Y2K  renovation  tools  is  necessary  to  gain 
further  assurance  that  critical  logistics  processes  will  meet  the  needs  of  the 
warfighter  in  the  year  2000  and  beyond. 


Summary 

The  DUSD(L)  generally  met  the  requirements  of  the  DoD  Management  Plan  in 
his  efforts  to  adequately  plan  and  manage  logistics  functional  end-to-end  testing. 
The  Logistics  Capstone  Plan  and  supplemental  test  documents  with  detailed  test 
event  plans  were  developed  by  the  DUSD(L)  in  conjunction  with  the  Logistics 
IAWG.  Although  responsible  for  all  15  core  logistics  processes  identified  by 
the  Logistics  Capstone  Plan,  the  DUSD(L)  acknowledged  practical  limitations  in 
terms  of  time  and  resources  to  the  number  of  processes  and  supporting  systems 
that  could  be  included  in  testing.  Only  5  of  the  core  logistics  processes  and 
select  information  flows  within  37  logistics  systems  were  determined  to  be 
mission-critical  and  were  scheduled  to  be  included  in  Level  II  inter-Component 
tests.  However,  the  DUSD(L)  did  not  formally  document  the  risk  assessment 
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process  that  supported  the  selection  of  mission-critical  processes  and  their 
supporting  systems  and  associated  thin  lines  of  information  flows.  In  addition, 
the  DUSD(L)  did  not  have  formal  documentation  of  the  process  used  to  identify 
any  mission-critical  systems  or  processes  that  were  not  tested  in  commander  in 
chief  operational  evaluations  or  Service  integration  testing.  The  DoD 
Management  Plan  required  that  any  systems  or  processes  that  were  left  out  of 
the  commander  in  chief  operational  assessments  or  Service  integration  testing 
were  to  be  addressed  in  the  functional  end-to-end  testing.  Considering  the  depth 
and  breadth  of  test  coverage,  we  believe  that  a  risk  management  plan  should  be 
developed  by  the  DUSD(L)  that  includes  risk  assessments  and  mitigation  plans 
that  cover  those  processes  not  included  in  the  functional  end-to-end  testing.  To 
further  mitigate  risk,  we  believe  that  the  Components  should  implement  the 
DUSD(L)  proposal  requiring  a  100  percent  scan  of  the  software  code  for 
mission-critical  logistics  systems. 


Test  Status 

The  DUSD(L)  and  the  participating  Components  are  to  be  commended  for  their 
accomplishment  in  developing  test  plans  required  to  ensure  the  execution  of 
inter-Component  testing  of  mission-critical  logistics  processes.  Level  II  testing 
began  on  May  25,  1999,  and  was  completed  on  July  14,  1999.  In  a  working 
draft  report,  “Logistics  Year  2000  End-to-End  Level  II  Exercise  Evaluation 
Report,”  September  1999,  the  Joint  Interoperability  Test  Command  concluded 
that  the  mission-critical  logistics  processes  will  continue  unaffected  by  Y2K- 
related  issues  and  that  the  logistics  automated  information  systems  will  operate 
as  a  whole  to  support  the  five  mission-critical  logistics  processes  included  in 
Level  II  testing.  DUSD(L)  representatives  stated  that  Level  III  testing  would 
not  be  required  because  of  the  successful  demonstration  of  Y2K  capabilities  by 
the  logistics  systems  participating  in  the  test  of  the  five  mission-critical  logistics 
processes. 


Management  Comments  on  the  Finding  and  Audit  Response 

DUSD(L)  Comments.  The  DUSD(L)  took  exception  to  the  statement  in  the 
report  that  DUSD(L)  did  not  systematically  monitor  operational  evaluations. 

The  DUSD(L)  stated  that  the  DoD  Management  Plan  would  have  DUSD(L) 
testing  systems  not  picked  up  in  the  commander  in  chief  operational  evaluations 
or  Service  integration  tests.  The  DUSD(L)  further  stated  that  the  DoD 
Management  Plan  was  inconsistent  with  Deputy  Secretary  of  Defense  guidance 
that  clearly  defined  the  scope  for  complete  end-to-end  testing  of  mission-critical 
processes.  At  a  review  with  the  General  Accounting  Office,  the  DUSD(L)  and 
the  General  Accounting  Office  concluded  that  the  scope  of  testing  defined  in  that 
guidance  was  also  consistent  with  the  law.  In  addition,  the  DUSD(L)  performed 
an  extensive,  systematic  evaluation  of  the  Commander  in  Chief,  U.S. 
Transportation  Command,  operational  evaluation  to  ensure  complete  coverage 
of  the  logistics  mission. 
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Audit  Response.  The  DoD  Management  Plan  implements  Deputy  Secretary  of 
Defense  guidance  and  provides  criteria  for  DoD  Components  to  use  to  ensure 
DoD  functions  will  continue  unaffected  by  Y2K  problems.  Therefore,  we  do 
not  believe  that  the  DoD  Management  Plan  guidance  is  inconsistent  with 
guidance  provided  by  the  Deputy  Secretary  of  Defense  or  public  law. 


Recommendations,  Management  Comments,  and  Audit 
Response 

1.  We  recommend  that  the  Deputy  Under  Secretary  of  Defense  (Logistics) 
develop  a  risk  management  plan  that  includes  a  risk  assessment  and 
mitigation  plan  for  all  core  logistics  processes  and  their  mission-critical 
systems,  with  emphasis  on  risks  associated  with  the  selection  of  the  five 
mission-critical  processes. 

DUSD(L)  Comments.  The  DUSD(L)  concurred,  stating  that  the  risk 
assessment  had  not  been  completed,  but  the  operational  test  coordinator  who 
conducted  the  end-to-end  test  has  been  tasked  to  complete  the  assessment. 
Mitigation  actions  that  result  from  the  assessment  will  be  worked  within  the 
Logistics  IAWG.  In  addition,  the  DUSD(L)  will  emphasize  the  five 
warfighting-critical  materiel  management  processes.  The  risk  assessment  will 
also  cover  the  other  logistics  processes  that  are  important  to  effective  and 
efficient  DoD  operations. 

2.  We  recommend  that  the  Chief  Information  Officers  of  the  Army,  the 
Navy,  and  the  Defense  Logistics  Agency  implement  the  Deputy  Under 
Secretary  of  Defense  (Logistics)  requirement  to  perform  an  independent 
assessment  of  100  percent  of  the  system  software  code  for  mission-critical 
logistics  systems. 

DUSD(L)  Comments.  Although  not  required  to  respond,  the  DUSD(L)  agreed, 
stating  that  all  mission-critical  logistics  software  should  be  reviewed  using 
advanced  automated  tools.  Further,  the  DUSD(L)  stated  that  he  believes  that 
the  use  of  advanced  automated  tools  is  the  only  practical  way  the  DoD 
Components  can  comply  with  the  DUSD(L)  policy  that  requires  evaluation  of 
100  percent  of  mission-critical  software. 

DLA  Comments.  DLA  partially  concurred,  stating  that  it  had  undertaken  a 
code  scanning  program  for  its  mission-critical  logistics  systems  and  had  put 
budgetary  and  administrative  provisions  in  place  to  scan  its  mission-critical 
systems.  Further,  DLA  stated  that  it  was  employing  a  two-stage  code  scanning 
approach.  Stage  one  was  described  as  consisting  of  a  representative  sample  scan 
of  each  mission-critical  system’s  code  to  assess  the  likelihood  of  unremediated 
errors.  DLA  stated  that  stage  two  scanning  (a  100  percent  scan  of  a  system’s 
code)  would  only  be  invoked  if  results  from  the  sample  scan  suggested  strong 
likelihood  of  unremediated  Y2K  errors,  if  the  results  of  the  code  scanning 
initiative  uncovered  a  significant  level  of  errors,  or  if  the  results  suggested  other 
inherent  problems  may  reside  in  the  system.  In  addition,  DLA  stated  that  it 
conducted  a  formal  risk  mitigation  workshop  on  September  8-9,  1999.  The 


participants  included  representatives  of  all  DLA  major  commands,  the  DLA 
Y2K  test  director,  senior  technical  advisory  staff,  and  other  subject  matter 
experts.  DLA  stated  that  the  objective  of  the  meeting  was  to  review  and  assess 
the  status  of  its  Y2K  testing  program  and  to  develop  a  plan  of  action  for  the 
remainder  of  1999. 

Audit  Response.  We  consider  the  DLA  comments  to  be  responsive.  The 
Army  and  the  Navy  did  not  provide  comments  on  the  recommendation.  We 
request  that  the  Army  and  the  Navy  provide  comments  in  response  to  the  final 
report. 
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Appendix  A.  Audit  Process 


This  is  one  in  a  series  of  reports  being  issued  by  the  Inspector  General,  DoD,  in 
accordance  with  an  informal  partnership  with  the  Chief  Information  Officer, 
DoD,  to  monitor  DoD  efforts  to  address  the  Y2K  computing  challenge.  For  a 
listing  of  audit  projects  addressing  this  issue,  see  the  Y2K  web  pages  on  the 
IGnet  at  http://www.ignet.gov/. 


Scope  and  Methodology 

Work  Performed.  We  reviewed  and  evaluated  the  Y2K  test  planning  efforts 
for  the  logistics  functional  end-to-end  testing.  We  evaluated  the  Y2K  test 
planning  efforts  of  the  DUSD(L)  and  compared  those  efforts  with  the  criteria 
contained  in  the  DoD  Management  Plan.  We  obtained  documentation  that 
included  the  Logistics  Capstone  Plan  (October  30,  1998;  February  8,  1999;  and 
May  20,  1999,  versions);  supplemental  test  planning  documents,  such  as  the 
exercise  directive  and  Logistics  IAWG  minutes;  and  the  after-action  review 
briefing  provided  on  July  20,  1999.  In  addition,  we  obtained  and  reviewed  the 
working  draft  report,  “Logistics  Year  2000  End-to-End  Level  II  Exercise 
Evaluation  Report,”  September  1999.  We  interviewed  personnel  within  the 
Office  of  the  DUSD(L)  and  the  Joint  Interoperability  Test  Command. 

Limitations  to  Scope.  Our  review  was  limited  to  the  DUSD(L)  test  planning  as 
set  forth  in  the  Logistics  Capstone  Plan  and  did  not  include  the  test  planning 
accomplished  by  the  Services  and  the  DLA. 

DoD-Wide  Corporate-Level  Goals.  In  response  to  the  Government 
Performance  and  Results  Act,  DoD  established  6  DoD-wide  corporate-level 
performance  objectives  and  14  goals  for  meeting  the  objectives.  This  report 
pertains  to  achievement  of  the  following  objective  and  goal. 

Objective:  Prepare  now  for  an  uncertain  future.  Goal:  Pursue  a 
focused  modernization  effort  that  maintains  U.S.  qualitative  superiority 
in  key  war  fighting  capabilities.  (DoD-3) 

DoD  Functional  Area  Reform  Goals.  Most  major  DoD  functional  areas  have 
also  established  performance  improvement  reform  objectives  and  goals.  This 
report  pertains  to  achievement  of  the  following  objectives  and  goals  in  the 
Information  Technology  Management  Functional  Area. 

•  Objective:  Become  a  mission  partner.  Goal:  Serve  mission 
information  users  as  customers.  (ITM-1.2) 

•  Objective:  Provide  services  that  satisfy  customer  information  needs. 
Goal:  Modernize  and  integrate  Defense  information  infrastructure. 
(ITM-2.2) 
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•  Objective:  Provide  services  that  satisfy  customer  information  needs. 
Goal:  Upgrade  technology  base.  (ITM-2.3) 

High-Risk  Area.  In  its  identification  of  risk  areas,  the  General  Accounting 
Office  has  specifically  designated  risk  in  resolution  of  the  Y2K  problem  as  high. 
This  report  provides  coverage  of  that  problem  and  the  overall  Information 
Management  and  Technology  high-risk  area. 

Audit  Type,  Dates,  and  Standards.  We  performed  this  program  audit  from 
April  through  July  1999  in  accordance  with  auditing  standards  issued  by  the 
Comptroller  General  of  the  United  States,  as  implemented  by  the  Inspector 
General,  DoD.  We  did  not  use  any  computer-processed  data  for  this  audit. 

Contacts  During  the  Audit.  We  visited  or  contacted  individuals  and 
organizations  within  DoD.  Further  details  are  available  on  request. 

Management  Control  Program.  We  did  not  review  the  management  control 
program  related  to  the  overall  audit  objective  because  DoD  recognized  the  Y2K 
issue  as  a  material  management  control  weakness  area  in  the  FY  1998  Annual 
Statement  of  Assurance. 


Summary  of  Prior  Coverage 


The  General  Accounting  Office  and  the  Inspector  General,  DoD,  have 
conducted  multiple  reviews  related  to  Y2K  issues.  General  Accounting  Office 
reports  can  be  accessed  over  the  Internet  at  http://www. gao.gov/.  Inspector 
General,  DoD,  reports  can  be  accessed  over  the  Internet  at 
http://www.dodig.osd.mil/.  The  previous  report  most  relevant  to  the  subject 
matter  of  this  report  is  listed  below. 


General  Accounting  Office 

General  Accounting  Office  Report  No.  AIMD  99-172  (OSD  Case  No.  1823), 
“Defense  Computers:  Management  Controls  Are  Critical  to  Effective  Year 
2000  Testing,”  June  30,  1999. 
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Appendix  B.  Summary  of  Logistics  Capstone 

Plan 


Logistics  End-to-End  Master  Plan.  The  DUSD(L)  met  the  November  1, 

1998,  milestone  for  development  of  a  functional  end-to-end  test  master  plan  as 
required  by  the  DoD  Management  Plan.  The  Logistics  Capstone  Plan  provided 
the  overall  strategy  for  conduct  of  the  logistics  end-to-end  testing.  In  addition, 
the  overall  strategy  presented  in  the  Logistics  Capstone  Plan  was  augmented 
with  more  detailed  planning  in  the  form  of  an  exercise  directive  and  event  plans. 
The  October  1998  Logistics  Capstone  Plan  was  updated  in  February  and  May 
1999  to  reflect  evolving  schedules  and  processes.  In  keeping  with  the  guidance 
provided  in  the  DoD  Management  Plan,  the  Logistics  Capstone  Plan  included 
the  key  elements  discussed  in  the  following  paragraphs. 

Roles  and  Responsibilities.  The  Logistics  Capstone  Plan  spells  out  the 
Y2K  roles  and  responsibilities  for  the  Office  of  the  Secretary  of  Defense  as  well 
as  the  Services  and  Defense  agencies.  Included  in  the  list  of  organizations  with 
Y2K  responsibilities  were  the  Under  Secretary  of  Defense  for  Acquisition  and 
Technology;  the  Assistant  Secretary  of  Defense  (Command,  Control, 
Communications,  and  Intelligence);  the  DUSD(L);  the  Services;  DLA;  the  U.S. 
Transportation  Command;  the  Joint  Interoperability  Test  Command;  the  Joint 
Staff;  and  the  Logistics  IAWG. 

Master  Schedule.  A  logistics  end-to-end  test  master  schedule  is 
provided  in  the  plan.  That  schedule  was  updated  as  the  process  of  test  planning 
was  accomplished.  It  contained  a  timeline  for  accomplishment  for  each  phase  of 
end-to-end  testing. 

Oversight  and  Reporting.  Management  oversight  and  controls  are 
discussed  in  the  Logistics  Capstone  Plan  with  respect  to  the  responsibilities  of 
each  Service  and  Defense  agency  in  managing  Y2K  risks.  For  example,  the 
Services  are  assigned  responsibility  to  assess  risks  affecting  both  their  portions 
of  the  end-to-end  test  and  their  specific  systems  tests,  and  they  are  responsible 
for  reporting  on  risk  management  and  mitigation  efforts.  Although  reporting 
requirements  are  not  addressed  in  a  separate  section  of  the  Logistics  Capstone 
Plan,  reporting  on  end-to-end  test  results  is  addressed.  Quick  reaction  reports 
are  to  be  available  7  days  after  completion  of  a  test  event  with  a  final  report  due 
30  days  after  completion  of  the  test. 

Configuration  Control.  Configuration  control  is  addressed  in  the 
Logistics  Capstone  Plan.  Except  for  emergency  changes  necessitated  by  test 
failures,  the  baseline  configuration  of  the  systems  was  to  be  frozen.  After 
emergency  changes  are  made  to  the  baseline  configuration,  the  system  must  be 
recertified  and  the  test  run  again.  In  addition,  the  Logistics  Capstone  Plan 
states,  “To  reduce  the  risk  that  the  test  environment  may  not  exactly  replicate 
the  production  environment,  the  Components  will  validate  by  1  November 
[19]99  that  they  have  either:  successfully  processed  a  single  cycle  on  their 
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production  system*  with  an  actual  date  shift;  or  that  they  have  conducted  a 
configuration  audit  of  all  systems  platforms  to  provide  assurance  that  the  target 
environment  is  identical  in  all  Y2K-relevant  respects  to  the  test  environment. 

Contingency  Plans.  The  Logistics  Capstone  Plan  requires  that,  at  a 
minimum,  all  thin  lines  of  systems  supporting  identified  mission-critical 
processes  have  an  effective  contingency  plan.  In  addition,  the  Logistics 
Capstone  Plan  states  that  the  contingency  plans  must  be  developed,  reviewed, 
and  validated  by  operators,  must  be  resourced,  and  must  be  tested.  Components 
are  tasked  to  conduct  an  analysis  of  the  impact  on  mission-critical  processes  of 
information  system  failures  or  of  disruptions  of  infrastructure  services,  such  as 
electric  power  and  telecommunications.  Components  were  to  submit  continuity 
of  operations  plans  for  review  by  June  15,  1999.  If  that  target  date  could  not  be 
met,  then  the  continuity  of  operations  plans  were  to  be  exercised  before 
December  1,  1999.  The  Logistics  Capstone  Plan  also  addresses  the  LCOP, 
which  focuses  on  identifying  and  managing  Y2K  risks  to  core  mission 
operations.  The  LCOP  was  to  be  based  on  the  individual  system  contingency 
and  continuity  of  operations  plans.  It  was  to  be  developed  by  the  DUSD(L)  by 
September  15,  1999. 

Risk  Analysis  and  Mitigation.  Corporate-level  risks  are  identified  in 
the  Logistics  Capstone  Plan,  along  with  an  assessment  of  the  probability  of 
occurrence  as  well  as  the  consequences  of  such  an  occurrence.  Components  are 
tasked  to  perform  risk  assessments  for  both  their  portions  of  the  end-to-end 
testing  as  well  as  for  the  systems  that  are  participating  in  the  test.  In  addition, 
the  Logistics  Capstone  Plan  states  those  risk  assessments  are  to  be  included  in 
an  overall  risk  management  plan.  The  Logistics  Capstone  Plan  does  not  give  a 
date  for  completion  of  the  risk  management  plan. 

Management  Controls.  The  ability  to  perform  all  mission-critical 
processes  throughout  the  Y2K  transition  period  is  listed  as  the  primary  measure 
of  effectiveness  in  the  Logistics  Capstone  Plan.  The  Logistics  Capstone  Plan 
states,  “For  each  of  the  mission  critical  processes,  five  factors  need  to  be 
addressed— remediation  status,  schedule,  test  results,  contingency  plan  status, 
and  continuity  of  process.  ” 

Independent  Verification.  The  Logistics  Capstone  Plan  requires  that 
the  Components  use  independent  agents  to  verify  the  intra-Component  testing 
conducted  during  Level  I  testing.  The  Joint  Interoperability  Test  Command 
provided  the  independent  verification  for  the  Level  II  testing. 

Additional  Test  Planning.  Additional  test  planning  that  supplemented  the 
Logistics  Capstone  Plan  was  accomplished  in  the  form  of  the  “Logistics  End-to- 
End  Year  2000  Level  II  Exercise  Directive”  (Exercise  Directive), 


*The  production  system  refers  to  the  software  and  hardware  that  perform  the  system  functions  on  a 
day-to-day  basis. 
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May  21,  1999.  The  Exercise  Directive  provided  execution,  evaluation 
information,  and  instruction  for  the  Level  II  end-to-end  testing  sponsored  by  the 
DUSD(L).  Included  in  the  Exercise  Directive  were  appendixes  addressing  data 
management;  data  collection;  data  evaluation;  exercise  control;  data 
authentication  group  operation;  and  a  day-by-day  event  schedule. 
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Appendix  C.  Report  Distribution 


Office  of  the  Secretary  of  Defense 

Under  Secretary  of  Defense  for  Acquisition  and  Technology 
Deputy  Under  Secretary  of  Defense  (Logistics) 

Director,  Logistics  System  Modernization 
Under  Secretary  of  Defense  (Comptroller) 

Deputy  Chief  Financial  Officer 
Deputy  Comptroller  (Program/Budget) 

Assistant  Secretary  of  Defense  (Command,  Control,  Communications,  and  Intelligence) 
Deputy  Chief  Information  Officer  and  Deputy  Assistant  Secretary  of  Defense  (Chief 
Information  Officer  Policy  and  Implementation) 

Principal  Director  for  Year  2000 

Department  of  the  Army 

Chief  Information  Officer,  Army 
Auditor  General,  Department  of  the  Army 
Inspector  General,  Department  of  the  Army 

Department  of  the  Navy 

Assistant  Secretary  of  the  Navy  (Financial  Management  and  Comptroller) 

Chief  Information  Officer,  Navy 
Auditor  General,  Department  of  the  Navy 
Inspector  General,  Department  of  the  Navy 
Inspector  General,  Marine  Corps 
Chief  Information  Officer,  U.S.  Marine  Corps 

Department  of  the  Air  Force 

Assistant  Secretary  of  the  Air  Force  (Financial  Management  and  Comptroller) 

Chief  Information  Officer,  Air  Force 
Auditor  General,  Department  of  the  Air  Force 
Inspector  General,  Department  of  the  Air  Force 


Other  Defense  Organizations 

Director,  Defense  Contract  Audit  Agency 

Chief  Information  Officer,  Defense  Contract  Audit  Agency 
Director,  Defense  Information  Systems  Agency 

Inspector  Genera!,  Defense  Information  Systems  Agency 
Chief  Information  Officer,  Defense  Information  Systems  Agency 
Director,  Defense  Logistics  Agency 

Chief  Information  Officer,  Defense  Logistics  Agency 
Director,  National  Security  Agency 

Inspector  General,  National  Security  Agency 
Inspector  General,  Defense  Intelligence  Agency 

Non-Defense  Federal  Organizations  and  Individuals 

Office  of  Management  and  Budget 

Office  of  Information  and  Regulatory  Affairs 

National  Security  Division  Special  Projects  Branch 
Federal  Chief  Information  Officers  Council 
General  Accounting  Office 

National  Security  and  International  Affairs  Division 
Technical  Information  Center 

Director,  Defense  Information  and  Financial  Management  Systems,  Accounting  and 
Information  Management  Division 
Inspector  General,  General  Services  Administration 


Congressional  Committees  and  Subcommittees,  Chairman  and 
Ranking  Minority  Member 

Senate  Committee  on  Appropriations 

Senate  Subcommittee  on  Defense,  Committee  on  Appropriations 

Senate  Committee  on  Armed  Services 

Senate  Committee  on  Governmental  Affairs 

Senate  Special  Committee  on  the  Year  2000  Technology  Problem 

House  Committee  on  Appropriations 

House  Subcommittee  on  Defense,  Committee  on  Appropriations 
House  Committee  on  Armed  Services 
House  Committee  on  Government  Reform 

House  Subcommittee  on  Government  Management,  Information,  and  Technology, 
Committee  on  Government  Reform 

House  Subcommittee  on  National  Security,  Veterans  Affairs,  and  International 
Relations,  Committee  on  Government  Reform 
House  Subcommittee  on  Technology,  Committee  on  Science 


21 


Deputy  Under  Secretary  of  Defense 
(Logistics)  Comments 


OFFICE  OF  THE  UNDER  SECRETARY  OF  DEFENSE 

3000  DEFENSE  PENTAGON 
WASHINGTON.  DC  20301*3000 

SEP  22  1999 


(L/LSM) 


MEMORANDUM  FOR  DOD  INSPECTOR  GENERAL 

SUBJECT:  Draft  Audit  Report  on  DUSD(L)  Year  2000  (Y2K)  End-to-End  (E2E) 
Testing:  Logistics  Capstone  Plan  (Report  No.  9LD-9024) 

The  subject  audit  recommended  that  the  Deputy  Under  Secretary  of  Defense  for 
Logistics  (DUSD(L))  will:  (1)  develop  a  risk  management  and  mitigation  plan  for  all 
logistics  processes  and  mission  critical  systems,  and  (2)  the  Chief  Information  Officers  of 
the  Army,  Navy,  and  the  Defense  Logistics  Agency  implement  the  DUSD(L)  requirement 
for  independent  verification  and  validation  of  100  percent  of  the  software  code  that 
impacts  the  mission  critical  logistics  processes. 

We  concur  with  your  recommendations.  Regarding  the  first,  the  Logistics 
Capstone  Plan  calls  for  a  risk  assessment  that  is  not  yet  completed.  I  have  assigned  the 
Operational  Test  Coordinator  (OTC)  (who  conducted  the  end-to-end  test)  the  task  of 
completing  the  assessment.  Mitigation  actions  that  result  from  the  assessment  will  be 
worked  with  the  Logistics  Interface  Assessment  Working  Group,  the  same  group  who 
planned  and  executed  our  tests.  At  your  report  suggests,  we  will  emphasize  the  five, 
warfighting-crieical,  materiel  management  processes  The  risk  assessment  will  also  cover 
the  other  logistics  processes  that  are  important  to  effective  and  efficient  DoD  operations. 

Regarding  the  second  recommendation,  we  concur  that  all  software  on  logistics 
mission  critical  threads  should  be  reviewed  using  advanced  automated  tools.  We  believe 
that  is  the  only  practical  way  the  Components  can  comply  with  our  policy  that  requires 
evaluation  of  100  percent  of  mission  critical  software.  Manual  assessment  or  renovation 
procedures,  or  applying  first  generation  automated  tools,  cannot  provide  that  assurance. 
Furthermore,  while  the  end-to-end  test  was  designed  to  exercise  all  mission  critical  logic 
paths  against  the  most  critical  dates  that  should  have  been  remediated,  thi  test  was  not 
designed  to  show  errors,  related  to  other  dates,  which  may  have  been  introduced  during 
renovation  An  early  finding  of  the  Air  Force  when  they  applied  advanced  tools  to  a 
renovated  logistics  system  was  a  window  erroneously  placed  in  February  of  2000. 
Another  benefit  of  these  tools  is  theiT  ability  to  identify  Trojan  horses  and  trap  doors 
introduced  during  renovation. 

The  finding  "The  DUSD(L)  did  not  systematically  monitor  the  content  of  the 
Commander-in-Chief  (CINQ  operational  evaluations"  (page  10  and  repeated  in  all 
summaries)  also  warrants  comment  This  finding  is  based  on  the  DoD  management  plan 
which  would  have  us  testing  the  systems  not  picked  up  in  CXNC  OPEVALS  or  Service 
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integration  tests.  The  implication  in  the  audit  is  inconsistent  with  DEPSECDEF  guidance 
that  clearly  defined  the  scope  for  complete  end-to-end  testing  of  mission  critical 
processes.  At  a  review  with  GAO  this  month*  we  reviewed  the  law  and  are  confident  that 
our  scope  was  entirely  consistent  with  that  as  well.  We  performed  an  extensive, 
systematic  evaluation  of  the  ONC  TRANSCOM  OPBVALS  (the  only  CINC  who 
executes  solely  a  logistics  function)  to  ensure  complete  coverage  of  our  mission.  We 
recommend  that  all  references  to  the  monitoring  of  other  tests  should  be  deleted  from  the 
audit. 

Lastly,  I  want  to  commend  your  staff  for  bringing  their  concerns  to  us  in  a  timely 
manner.  As  important  as  the  findings  in  this  report,  was  your  staff  s  contribution  to  our 
formulating  policy  by  their  active  participation  in  our  working  groups.  Your  staff  were 
true  team  members.  Please  direct  any  questions  to  my  point  of  contact,  Mr.  John  Nyere, 
DUSD(L/LSM),  (703)692-6032,  e-mail:  nyereje@acq.os&mil. 

(tilUMit 

Jl^RogerW.  Kallock 
™  Deputy  Under  Secretary  of  Defense 
for  Logistics 
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Defense  Logistics  Agency  Comments 


SEP  1  3  fiflB 


SUBJECT:  Year  2000  End-to-End  Testing:  Logistics  Capstone  Flan 
(Project  No.  9LD-9024) 


FINDING:  Planning  for  Logistics  Functional  End-to-End  Testing.  The  end-to-end  test 
planning  for  the  inter-Component  mission-critical  logistics  processes  generally  met  the 
requirements  outlined  in  the  DoD  Management  Plan.  In  response  to  the  practical  limitations 
imposed  by  calendar  time  remaining,  the  DUSD(L)  prioritized  the  logistics  processes  and  data 
flows  that  were  included  in  testing  based  on  their  criticality  to  the  warfighter.  Out  of  15  core 
logistics  processes,  5  were  identified  as  critical.  The  inter-Component  testing  of  logistics 
systems  supporting  the  5  mission-critical  processes  was  limited  to  37  mission-critical  systems 
out  of  the  149  listed  in  the  DoD  Y2K  Reporting  Database.  However,  the  DUSD(L)  did  not 
formally  document  the  risk  assessment  process  that  was  required  to  be  conducted  as  part  of 
identifying  and  prioritizing  toe  core  logistics  processes.  Additionally,  the  DUSD(L)  did  not 
systematically  monitor  the  content  of  toe  commander  in  chief  operational  evaluations  or  Service 
integration  tests  to  ensure  that  any  systems  or  processes  not  covered  were  identified  and  included 
in  the  logistics  functional  end-to-end  tests  Although  the  DUSD(L)  proposed  an  additional  risk 
mitigation  step,  toe  Chief  Information  Officers  of  all  the  Components,  except  for  the  Air  Force, 
had  not  agreed  to  perform  the  verification  and  validation  of  100  percent  of  mission-critical  code. 
As  a  result,  more  needs  to  be  done  to  enable  the  DUSD(L)  to  perform  an  overall  assessment  of 
the  logistics  functional  area’s  Y2K  readiness  and  the  Chief  Information  Officers  of  the 
Components  need  to  support  toe  DUSD(L)efforts  to  ensure  that  critical  logistics  systems  will 
operate  in  a  Y2K.  environment. 

DLA  COMMENTS:  Partially  concur. 

The  Chief  Information  Officer  supports  toe  efforts  of  toe  DUSD  (L)  to  perform  verification  and 
validation  of  the  mission  critical  code  and  has  already  undertaken  a  code-scanning  program  for 
its  mission  critical  logistics  systems.  DLA  is  in  the  process  of  completing  time  machine  testing 
of  its  mission  critical  systems.  Our  strategy  is  also  to  scan  as  much  of  the  code  of  its  mission 
critical  systems  consistent  with  its  budgetary  and  resource  constraints. 


RECOMMENDATION  I:  Referred  to  DUSD  (L)  for  comment. 

RECOMMENDATION  2:  We  recommend  that  the  Chief  Information  Officers  of  the  Army,  the 
Navy,  and  the  Defense  Logistics  Agency  implement  the  Deputy  Under  Secretary  of  Defense 
(Logistics)  requirement  to  perform  an  independent  assessment  of  1 00  percent  of  the  system 
software  code  for  mission-critical  logistics  systems. 

DLA  COMMENTS:  Partially  concur. 

DLA  has  already  undertaken  a  code-scanning  program  for  its  mission-critical  logistics  systems. 
DLA  has  put  budgetary  and  administrative  provisions  in  place  to  scan  its  mission-critical 
systems.  DLA  believes  it  is  more  prudent  to  employ  a  two-stage  code-scanning  approach  as 
follows: 
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SEP  13  1890 


a.  Stage  one  consists  of  a  representative  sample-scan  of  each  mission-critical  system's 
code  to  assess  the  likelihood  of  significant  Y2K-related  errors  remaining 
unremediated  in  that  system.  This  sample-scan  will  consist  of  a  minimum  of 
250,000  lines  of  code  (LOC). 

„  b.  Stage  two  scanning  (100  percent  ofa  system's  code)  would  be  invoked  under  either 

of  two  scenarios; 

1)  if  the  results  from  the  sample-scan  for  a  system  suggest  a  strong  likelihood  of 
unremediated  Y2K  errors  remaining  in  the  code,  or 

2)  if  the  overall  results  of  DLA’s  code  scanning  initiative  (both  sample-scans  and 
full  system  scans)  have  uncovered  a  significant  level  of  errors  or  suggest  other 
inherent  problems  may  reside  in  the  systems. 

This  two-stage  approach  has  already  been  applied  to  the  Defense  Fuels  Automated  Management 
System  (DFAMS),  which  had  not  yet  undergone  its  scheduled  time  machine  testing  for  full 
system  functional-capability.  A  250K  LOC  sample-scan  turned  up  sufficient  potential  Y2K- 
related  errors  in  the  code  to  justify  a  100  percent  scan,  which  is  now  in  process.  Sample  code 
scans  are  in  process  or  scheduled  for  DISMS,  DSS,  MADS,  MOCAS,  and  SAMMS. 

In  addition  to  its  commitment  to  code  scanning  as  a  risk  mitigation  tactic,  DLA  conducted  a 
formal  risk  mitigation  workshop  on  September  8-9, 1999.  The  participants  included 
representatives  of  all  major  DLA  Commands,  the  DLA  Y2K  Test  Director,  senior  technical 
advisory  staff,  and  other  subject  matter  experts.  The  objective  of  the  meeting  was  to  review  and 
assess  the  status  of  DLA’s  Y2K  testing  program  to-date,  and  to  develop  a  plan  of  action  for  the 
remainder  of  1999. 

The  workshop  addressed  those  areas  within  DLA’s  overall  mission-critical  IT  infrastructure 
where  the  most  significant  degree  of  continuity  and/or  mission  fulfillment  risk  remains.  DLA 
believes  that  this  timing  is  optimal  for  effective  risk  mitigation.  The  Agency  has  had  significant 
Y2K  testing  experience  and  is  folly  capable  of  making  assessments  of  the  relative  strengths  and 
weaknesses  regarding  the  Y2K  status  of  DLA’s  mission-critical  systems.  There  is  sufficient 
time  remaining  prior  to  2000  to  take  whatever  actions  are  deemed  advisable  to  further  ensure  a 
smooth  Y2K  transition. 

DISPOSITION:  Action  is  Ongoing.  BCD:  October  30, 1999 
ACTION  OFFICER:  Clarence  McNeill,  Cl 

REVIEW/APPROVAL:  Carla  A.  von  Bemewitz,  Chief  Information  Officer 
COORDINATION:  Peggy  Hayes,  DDAI 
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